cP -> cP Master/Server zone transfer permission denied -- HELP

[Mindlash]

I get an error when creating an account on the second server, when it's supposed to update the primary server.

Establish a Trust Relationship with a Primary Nameserver:
went fine..

Generating public/private rsa1 key pair.
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/identity.
Your public key has been saved in /root/.ssh/identity.pub.
The key fingerprint is:
12:7d:54:76:83:40:1f:7d:91:a3:61:bc:9d:1b:5a:a8 [email protected]
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
48:20:2a:13:64:cc:9e:3f:4e:2c:bb:0a:72:1a:8c:1a [email protected]
Generating public/private dsa key pair.
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
14:f6:96:3b:ba:bd:20:26:d3:dc:75:b1:4d:5e:38:7c [email protected]
spawn scp /root/.sshscript [email protected]:/root/.sshscript
Warning: Permanently added 'primary.dns.ip' (RSA) to the list of known hosts.

[email protected]'s password: Sending Password


stdin: is not a tty

.sshscript 0% | | 0 --:-- ETA
.sshscript 100% |*****************************| 490 00:00


spawn /usr/bin/ssh [email protected] /bin/sh /root/.sshscript
[email protected]'s password:
stdin: is not a tty
Script ok
Copy Complete
Trust Relationship Created!

Synchronize DNS Records with Primary Nameserver:
went fine..

Rebuilding DNS Zones List from master server .....
Rebuild Complete

However, on the primary server, i do not see any domains that I have created on the new server... they are supposed to sync right?...

On creating an account on the new server, I get the following...
+===================================+
| New Account Info |
+===================================+
| Domain: matttestingnewserver.com
| Ip: 123.123.123.123 (n)
| HasCgi: y
| UserName: matttest
| PassWord: matttest
| CpanelMod: x
| HomeRoot: /home
| Quota: unlimited Meg
| NameServer1: NS3.MYDOMAIN.COM
| NameServer2: NS4.MYDOMAIN.COM
| NameServer3:
| NameServer4:
+===================================+
User matttest added
Changing password for matttest
Password for matttest has been changed
Keeping Shell Access (y)
Jail Shell Enabled
Changing shell for matttest.
Shell changed.
Copying skel files from /root/cpanel3-skel/ to /home/matttest/
Using redhat 7.1/mdk 8.0
Using new quota support
(uid 320 0 0 ):
Filesystem blocks soft hard inodes soft hard
/dev/hda3 0 0 0 0 0 0
/dev/hda8 8 0 0 2 0 0
/dev/hda5 0 0 0 0 0 0
/dev/hda6 0 0 0 1 0 0
Name Virtual Host already exists
mod_userdir protection enabled
php open_basedir protection enabled
Added Entries to httpd.conf (noip)
Added DomainAlias Entry
Added Named Entry
Added Named File
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
Added Remote Named File
Rebuilding DNS Zones List from master server .....
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,keyboard-interactive).
Rebuild Complete
Restarting apache
Ftp Password Files synced
Vhost Passwords synced
skip CONTACTAIM (2) [3]
send to CONTACTEMAIL (3) [3]
== WORKAROUND ENABLED ==
Serious Problem -- This should never happen!!
The hostname (server3.mydomain.com) is owned by the user mindlash
== WORKAROUND ENABLED ==
wwwacct creation finished
Account Creation Complete!!!

The account successfully gets created on the new server (from what I can tell... I can log in and whatever)... but strangly, when I go to 'Edit a DNS Zone' on the new server... it sits for a while, then comes up with blank drop-down lists.

in /var/named/ I see all the domains from my primary server (it seemed to sync in that direction) and I see my newly created zones, but they are simply not making it over to the primary server... Help?

Thank you very much for you help in advance.
.:. Mindlash

P.S.
Found also a thread here (same errors), but he's cpanel/plesk:
http://forums.ev1servers.net/showth...hlight=publickey+password+keyboardinteractive

 

[Mindlash]

bumpski! :D

 

[Mindlash]

:-(

 

[Juanra]

It seems to me that your trust relationship wasn't setup correctly. Set it up yourself by hand:

# man ssh-keygen

 

[Mindlash]

Juanra,
Thank youfor your suggestion.

Ok, so I've read the manual... and honestly it's a bit further than I.

I'm not sure how it interacts with the WHM scripts, so far as the passphrases, and what files need to be on what server.


I'm at a total loss... and I've not heard from cPanel since I put in my TT a couple days ago.

Does anyone have a possible walkthrough for setting up the trust relations manually?

.:. Mindlash

 

[Mindlash]

I dont' know if this will help matters, but...

This is what I get on my Master's /var/log/messages when I choose to syncronize DNS on the slave WHM:

Nov 16 19:58:58 server2 sshd(pam_unix)[15793]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=123.123.123.123 user=root
Nov 16 19:59:00 server2 sshd(pam_unix)[15793]: session opened for user root by (uid=0)
Nov 16 19:59:00 server2 sshd(pam_unix)[15793]: session closed for user root
Nov 16 19:59:01 server2 sshd(pam_unix)[15885]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=123.123.123.123 user=root
Nov 16 19:59:03 server2 sshd(pam_unix)[15885]: session opened for user root by (uid=0)
Nov 16 19:59:03 server2 sshd(pam_unix)[15885]: session closed for user root

NOTE '123.123.123.123' = substituted IP for Slave's IP


Within WHM on slave, I see the following:

Rebuilding DNS Zones List from master server .....
Rebuild Complete

... this help?

 

[Mindlash]

for anyone that's been following my days of unpleasantry with Master/Slave DNS zone transfers... I was forced to restart my Master yesterday... and wouldn't you know it.. the transfers have been flawless ever since. Go figure.